<?php
require_once($_SERVER['DOCUMENT_ROOT'] . '/all.conf.php');
require_once(__PHY_LIB.'/func/_Common.func.php');
require_once(__PHY_LIB.'/class/Session.class.php'); new Session();
require_once(__PHY_LIB.'/class/aUser.class.php');
require_once(__PHY_LIB.'/class/Tpl.class.php');

/// init ///
$oTpl = new Tpl();
$oTpl->assignConst();
$_br = "<br />\n";

/// $_The ///
$_The = array(
	'Depth' => 1,
	'Dir' => 'admin/',
	'AdmFunc' => $_SERVER['SCRIPT_NAME'],
	'FileBase' => basename($_SERVER['SCRIPT_NAME'], '.php'),
);
$oTpl->assign('_The', $_The);

$rReq = validate($_REQUEST, 'msg:u|action:u');
$sMsg = $rReq['msg'] ? $rReq['msg'].$_br : '';

if ('login' == $rReq['action']) {
	$rP = validate($_POST, 'user:u|pswd:u');
	$oAdmUser = new aUser();
	if ($oAdmUser->look($rP['user'])) {
		if (md5($rP['pswd']) == $oAdmUser->get('pswd')) {
			$_SESSION['ADM_USER_ID'] = $oAdmUser->getID();
			$_SESSION['ADM_USER'] = $oAdmUser->get('user_cname');
			header('Location: '.__DIR_ADM.'/index.php');
			exit();
		}
		else { $sMsg .= '密码错误'.$_br; }
	}
	else { $sMsg .= '非法用户'.$_br; }
}
elseif ('bye' == $rReq['action']) {
	unset($_SESSION['ADM_USER_ID']);
	unset($_SESSION['ADM_USER']);
	$sMsg .= '你已经登出'.$_br;
}

$oTpl = new Tpl();
$oTpl->assignConst();

$oTpl->assign('sMsg', $sMsg);
$oTpl->display(dirname(__FILE__).'/'.basename(__FILE__, '.php').'.tpl');
?>
